mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-07 11:06:39 +00:00
Add CVE-2021-26081 CVE-2021-26082 CVE-2021-26083
This commit is contained in:
David Black
parent
053835d275
commit
d7f9287048
@ -1,18 +1,105 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-26081",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-07-15T00:00:00",
|
||||
"ID": "CVE-2021-26081",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.14",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.16.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.14",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.16.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "REST API in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1 allows remote attackers to enumerate usernames via a Sensitive Data Exposure vulnerability in the `/rest/api/latest/user/avatar/temporary` endpoint."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Enumeration"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72499"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,18 +1,107 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-07-15T00:00:00",
|
||||
"ID": "CVE-2021-26082",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.14",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.17.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.14",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.17.0",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.17.0 allows remote attackers to inject arbitrary HTML or JavaScript via a stored cross site scripting vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72393",
|
||||
"refsource": "MISC",
|
||||
"name": "https://jira.atlassian.com/browse/JRASERVER-72393"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,18 +1,107 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@atlassian.com",
|
||||
"DATE_PUBLIC": "2021-07-15T00:00:00",
|
||||
"ID": "CVE-2021-26083",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Jira Server",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.14",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.16.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
{
|
||||
"product_name": "Jira Data Center",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "8.5.14",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.6.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.13.6",
|
||||
"version_affected": "<"
|
||||
},
|
||||
{
|
||||
"version_value": "8.14.0",
|
||||
"version_affected": ">="
|
||||
},
|
||||
{
|
||||
"version_value": "8.16.1",
|
||||
"version_affected": "<"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "Atlassian"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Export HTML Report in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://jira.atlassian.com/browse/JRASERVER-72213",
|
||||
"refsource": "MISC",
|
||||
"name": "https://jira.atlassian.com/browse/JRASERVER-72213"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user